From d3dda8c0bd194c28cf11c189c150c00bdc3e8a83 Mon Sep 17 00:00:00 2001
From: Matthew Lemon <y@yulqen.org>
Date: Sun, 8 Dec 2024 21:18:23 +0000
Subject: wip: working on ratelimit - not quite working in the browser

---
 alphabetlearning/payments/views.py | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'alphabetlearning/payments')

diff --git a/alphabetlearning/payments/views.py b/alphabetlearning/payments/views.py
index 7f13e81..2be5344 100644
--- a/alphabetlearning/payments/views.py
+++ b/alphabetlearning/payments/views.py
@@ -15,6 +15,7 @@ from django.views import View
 from django.views.decorators.csrf import csrf_exempt
 from django.views.generic import DeleteView
 from django.views.generic import TemplateView
+from django_ratelimit.decorators import ratelimit
 
 from alphabetlearning.payments.models import EmailSignup
 from alphabetlearning.payments.models import EmailVerification
@@ -57,6 +58,7 @@ class SuccessEmailSignupView(TemplateView):
         return context
 
 
+@ratelimit(key="ip", rate="2/m", block=True)
 def email_signup_verification(request):
     if request.method == "POST":
         form = EmailVerificationForm(request.POST)
-- 
cgit v1.2.3